Online Pitstop

A Chinese-speaking cyber-criminal group named “Smishing Triad” has been observed conducting a large-scale smishing campaign targeting US citizens. This campaign has skillfully impersonated various postal and delivery services, including Royal Mail (UK), New Zealand Postal Service, Correos (Spain), PostNord (Sweden), Poste Italiane, Italian Revenue Service, USPS, Poczta Polska (Poland), J&T Express (Indonesia) and New Zealand Post. 

Fortinet has observed significant threat exploitation targeting Adobe ColdFusion, a web development computing platform. This is despite a series of security updates (APSB23-40, APSB23-41, and APSB23-47) released by Adobe in July following reports of several critical vulnerabilities in its platform. Since those updates, however, Fortinet’s FortiGuard Labs IPS telemetry data has continued to detect numerous

The UK and its Five Eyes partners (Australia, Canada, New Zealand and the US) officially support Ukraine’s attribution of Infamous Chisel, a new piece of malware infecting Ukraine’s military personnel’s mobile phones, to the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). In a joint report published on

The creators of ChatGPT, OpenAI, have launched ChatGPT Enterprise which it claims to be the “most powerful version of ChatGPT yet”. The company also claims that with the new version of its generative AI chatbot, users will get “enterprise-grade security and privacy”. Other features include unlimited higher-speed GPT-4 access, longer context windows for processing longer

by Paul Ducklin US food delivery compeny PurFoods, which trades as Mom’s Meals, has just admitted to a cyberintrusion that took place from 2023-01-16 to 2023-02-22. The company stated officially that: [The] cyberattack […] included the encryption of certain files in our network. Because the investigation identified the presence of tools that could be used

Microsoft has observed a proliferation of adversary-in-the-middle (AiTM) techniques deployed through phishing-as-a-service (PhaaS) platforms, the company explained in a series of tweets posted on August 28, 2023. On the one hand, there has been an increasing number of new AiTM-capable PhaaS platforms throughout 2023; on the other, established phishing services, such as PerSwaysion, have also

The North Korean state-sponsored actor Lazarus Group recently started a new campaign targeting internet backbone infrastructure and healthcare entities in Europe and the US, security researchers from Cisco Talos have found. The researchers said that the attackers began exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) in January 2023, only five days after it was disclosed. This

The FBI has urged users of affected Barracuda appliances to replace them immediately, after warning that they’re still being targeted by a Chinese APT group. A Flash update issued by the agency this week revealed that zero-day vulnerability CVE-2023-2868 continues to be exploited by the group, dubbed UNC4841 by Mandiant, in cyber-espionage attacks. “Barracuda customers

Security researchers are urging Azure Active Directory (AD) users to monitor for abandoned reply URLs after revealing a critical vulnerability in the Microsoft Power Platform. Secureworks said it discovered the reply URL takeover bug earlier in April and it was fixed by Microsoft within 24 hours. More specifically, the researchers had found an abandoned reply

The UK’s data protection watchdog is urging victims of so-called “text pests” to come forward after revealing that nearly a third (29%) of 18–34-year-olds have had their personal information misused. Text pest cases occur when an individual gives their personal details, including phone number or email, to a business for legitimate reasons. However, someone working

by Paul Ducklin HOW MANY CRYPTOGRAPHERS? No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify and anywhere that good podcasts are found. Or just drop the URL of our RSS feed

Security researchers have detected a 178% increase in sextortion emails between the first half of 2022 and the same period this year, marking the category out as a top email threat. ESET said that sextortion emails ranked third among all email threats in H1 2023. They typically arrive unsolicited and claim to have compromising images

by Paul Ducklin The venerable RAR program, short for Roshal’s Archiver after its original creator, has been popular in file sharing and software distribution circles for decades, not least because of its built-in error recovery and file reconstruction features. Early internet users will remember, with little fondness, the days when large file transfers were shipped

Experian Consumer Services has agreed to a permanent injunction and to pay a civil penalty of $650,000 to settle allegations relating to the CAN-SPAM Act. The firm, whose parent company is credit agency giant Experian, provides online credit reports, scores and monitoring products to customers. A case filed in the US District Court for the

by Paul Ducklin A trio of researchers split between Italy and the UK have recently published a paper about cryptographic insecurities they found in a widely-known smart light bulb. The researchers seem to have chosen their target device, the TP-Link Tapo L530E, on the basis that it is “currently [the] best seller on Amazon Italy,”

A cyber-attack on Australian utility company, Energy One Limited (EOL), could have international impact with the firm’s corporate systems in the UK also affected. The company, a global supplier of software and services to the wholesale energy market, confirmed that it had taken steps to limit the impact of the incident and had alerted both

by Paul Ducklin Researchers at Apple device management company Jamf recently published an intriguing paper entitled Fake Airplane Mode: A mobile tampering technique to maintain connectivity. We’ll start with the good news: the tricks that Jamf discovered can’t magically be triggered remotely, for example merely by enticing you to a booby-trapped website. Attackers need to

The government is urging more schools to enrol their students in a government scheme designed to boost cyber skills, claiming that tens of thousands have already signed up since its launch in February last year. Around 2000 schools across the UK are participating in Cyber Explorers – a free learning platform for 11–14-year-olds designed to